Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

[okhttp:3.8.0] SSLSocketFactory Crash with Android 4.1.2.

See original GitHub issue

I observed this crash often occurring with Samsung 4.1.2 devices for my app. Crash occurs while building a OkHttpClient.

Crash :

MyNetworkServiceRetryThread:null:java.lang.AssertionError:
at okhttp3.OkHttpClient.javax.net.ssl.SSLSocketFactory systemDefaultSslSocketFactory(javax.net.ssl.X509TrustManager)(SourceFile:292)
at okhttp3.OkHttpClient.void <init>(okhttp3.OkHttpClient$Builder)(SourceFile:250)
at a.b.c.net.MyNetworkService.okhttp3.OkHttpClient okhttp3.OkHttpClient$Builder.build()(SourceFile:3907)

Scenario : I have set the socket factory and trust manager for “TLS” something like this :

TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
trustManagerFactory.init((KeyStore) null);
TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
if (trustManagers.length != 1 || !(trustManagers[0] instanceof X509TrustManager)) {
    throw new IllegalStateException("Unexpected default trust managers:"+ Arrays.toString(trustManagers));
}
X509TrustManager trustManager = (X509TrustManager) trustManagers[0];

SSLContext sslContext = SSLContext.getInstance("TLS");
sslContext.init(null, new TrustManager[] { trustManager }, null);
SSLSocketFactory sslSocketFactory = sslContext.getSocketFactory();

OkHttpClient client = new OkHttpClient.Builder()
    .sslSocketFactory(sslSocketFactory, trustManager);
    .build();

However, I am providing my own KeyStore so trustManagerFactory.init((KeyStore) null); above is not set to null.

Any help/workarounds ?

Issue Analytics

  • State:closed
  • Created 6 years ago
  • Comments:9

github_iconTop GitHub Comments

2reactions
yschimkecommented, Nov 22, 2017

The first two look like broken JVMs. In the first, the harmony provider is inconsistent internally. In the second it doesn’t provide the well known “X509” trust manager.

If you really want to track these down, I think you might need to collect details about the phone, OS version. But ultimately I don’t think you will get a direct fix anyway. These are on really old versions of Android, so updates are unlikely.

If these are happening enough to worry about, you might consider using the Google Play provider. https://developer.android.com/training/articles/security-gms-provider.html.

@swankjesse @JakeWharton thoughts?

1reaction
shailesh-motacommented, Nov 20, 2017

@yschimke these are the following different types of “Causes” reported with the exception :

Caused by:
java.security.KeyManagementException: 
java.security.KeyStoreException: 
java.security.NoSuchAlgorithmException:
KeyStore BKS implementation not found:
org.apache.harmony.xnet.provider.jsse.SSLParametersImpl.createDefaultKeyManager(SSLParametersImpl.java:370):
org.apache.harmony.xnet.provider.jsse.SSLParametersImpl.getDefaultKeyManager(SSLParametersImpl.java:356):
org.apache.harmony.xnet.provider.jsse.SSLParametersImpl.<init>(SSLParametersImpl.java:112):

Caused by:
java.security.NoSuchAlgorithmException: 
TrustManagerFactory X509 implementation not found:
org.apache.harmony.security.fortress.Engine.notFound(Engine.java:177):
org.apache.harmony.security.fortress.Engine.getInstance(Engine.java:151):
javax.net.ssl.TrustManagerFactory.getInstance(TrustManagerFactory.java:72):

java.lang.IllegalStateException
Cause already initialized
at okhttp3.internal.Util.java.lang.AssertionError assertionError(java.lang.String,java.lang.Exception)(SourceFile:482)
at okhttp3.OkHttpClient.javax.net.ssl.SSLSocketFactory systemDefaultSslSocketFactory(javax.net.ssl.X509TrustManager)(SourceFile:302)
at okhttp3.OkHttpClient.void <init>(okhttp3.OkHttpClient$Builder)(SourceFile:253) 
at my.package.MyService.okhttp3.OkHttpClient okhttp3.OkHttpClient$Builder.build()(SourceFile:3919)

Any suggestions ? (Especially for 2nd and 3rd crash type.)

Read more comments on GitHub >

github_iconTop Results From Across the Web

proguard - okhttp3 minifyEnabled causes crash on Android 4.1.2
I experienced an identical problem on Android 4.1.1 with OkHttp 3.12.12 but the suggest fix to proguard rules did not correct my issue....
Read more >
3.x Change Log - OkHttp
Fix: Don't crash when running as a plugin in Android Studio Canary 4.1. To enable platform-specific TLS features OkHttp must detect whether it's...
Read more >
PI83412: ANDROID APP WOULD CRASH AFTER UPGRADE ...
After upgrading from OkHttp 3.0.1 to 3.1.0 Android App crash and get the following stack trace and crash after calling build() to create...
Read more >
SSLSocket - Android Developers
SSLSocket s are created by SSLSocketFactory s, or by accept ing a connection from a ... API Levels 1 to 8 use OpenSSL...
Read more >
Diff - platform/external/okhttp - Google Git
+ * Fix: Recover from `getsockname` crashes impacting Android releases prior to + ... Returns the concatenation of 8-bit, length prefixed protocol names....
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

Caused by: android.system.GaiException: android_getaddrinfo failed

Next page

java.lang.IllegalStateException: Unbalanced enter/exit